This chapter is from the book

This chapter is from the book

Typical proxy users include individual departments such as academic units of
a university, entire enterprises, and Internet Service Providers (ISPs). In this
chapter, we discuss various alternatives for deploying forward proxy caching in
enterprise and ISP networks. The general problem considered here is a mechanism
to deliver a client request to the proxy instead of the origin server specified
in the requested URL.

8.1 Overview of Internet Connectivity Architectures

Before discussing alternatives for proxy deployment, we need to understand at
a high level how an enterprise obtains its Internet connectivity. Consider
Figure 8.1, which depicts at a high level a typical ISP architecture. A large
ISP has a backbone network consisting of backbone nodes. Each node has some
access routers (ARs) that are the backbone entry points for
enterprise customers of the ISP (such as other ISPs) and backbone routers
(BRs) that provide connectivity between backbone nodes. Access
routers are connected to their local backbone routers via LANs. Backbone routers
in different nodes are connected via wide area network (WAN)
lines, creating the backbone topology. In addition, some backbone nodes
contain gateway routers (GRs) that link the backbone to the
outside world. On the ISP side, GRs are connected to their local BRs via a LAN.

Residential dial-in customers connect to modem banks located in the
ISP's dial-in points of presence (dial-in POPs), otherwise known as
dial-in hubs. These hubs are sometimes connected to backbone routers,
bypassing access routers. Only the largest enterprise customers connect directly
at access routers of a backbone node. Others connect at the ISP's
broadband points of presence (broadband POPs), which aggregate several
enterprises into one connection to the backbone access router. These POPs are
omitted in Figure 8.1 for simplicity.

Figure 8.2 shows typical ways in which enterprise networks connect to the
Internet. An enterprise may buy its Internet connectivity from one ISP (Figures
8.2a and 8.2b) or multiple ISPs (Figure 8.2c). If using a single ISP, the
enterprise network may be connected to its ISP at a single access router or
multiple access routers (Figures 8.2a and 8.2b). The main question for the
purpose of our discussion is whether there is a single element in the enterprise
network (a router, switch, or link) through which all Internet traffic flows. We
refer to such an element as a focal point. Focal points may be
undesirable from the fault-tolerance perspective, since a failure at a focal
point breaks the Internet connectivity of the enterprise. At the same time, they
create convenient points to deploy proxies, as we show later in this
chapter.

Note that many enterprises with multiple ISP connections use only one
connection for normal operation, with the rest serving as backups in case the
main connection fails. These enterprise networks have a focal point despite
multiple Internet connections. Other enterprise networks alternate between their
Internet connections to balance traffic across all available links. Doing so
eliminates a focal point for Internet traffic.

An ISP can deploy a proxy at a POP, at a backbone node to serve requests
entering the backbone at this node (a backbone entry point proxy), or at
a backbone node to serve any requests regardless of where they enter the
backbone (a backbone core proxy). The main tradeoff here is between the
amount of benefit from a cache hit versus the hit rate. A proxy at a POP is the
closest the ISP can get to the customers. Therefore, a cache hit at a POP proxy
can save the ISP the most bandwidth; such a hit can also reduce latency the
most, compared to other ISP locations. On the other hand, a POP proxy only
serves clients that connect at this POP; a limited client population can reduce
the hit rate [Duska et al. 1997; Gribble and Brewer 1997]. Perhaps even more
importantly, POP proxy deployment can get quite expensive, since a large ISP can
have hundreds of POPs. A backbone entry point proxy can serve all clients from
all POPs and enterprise networks that connect to the backbone at the
corresponding backbone node, although this proxy is farther away from customers.
A core backbone proxy can potentially serve all ISP clients but is the farthest
away from them. Interproxy cooperation (see Chapter 9) can alleviate the
tradeoff. We consider ISP proxy deployment in the form of a backbone entry point
proxy. The same issues arise also in other locations, so our discussion applies
to those locations as well.

The location of a proxy is less significant to enterprise networks because,
with the exception of a few global corporations, enterprise networks do not have
their own backbones.1 Therefore, an
enterprise or an enterprise department proxy can serve all clients in the
enterprise or the department, regardless of the proxy location.

A fundamental issue in proxy deployment is how to deliver requests to the
proxy. Figure 8.3 summarizes various methods for request delivery, which we
consider in the rest of this chapter. The main choice here is between
nontrasparent and transparent proxy deployment.